<?php
session_start();
require 'connection.php';

$app = new \Slim\Slim();
$app->get('/article/find_all/:page', authorize('admin'), 'findAll');
$app->get('/article/search/:search', authorize('admin'), 'search');
$app->get('/article/search_purcharse/:search', authorize('admin'), 'search_purcharse');
$app->get('/article/search_sale/:search', authorize('admin'), 'search_sale');
$app->get('/article/:id', authorize('admin'), 'read');
$app->post('/article', authorize('admin'), 'add');
$app->post('/article/img/:id', authorize('admin'), 'add_img');
$app->post('/article/editprice', authorize('admin'), 'editprice');
$app->put('/article/:id', authorize('admin'), 'edit');
$app->delete('/article/:id', authorize('admin'), 'delete');

$app->run();

function find() {
    $page = ($page - 1) * 8;
    $sql_list = "SELECT id, code, name, category_id, price FROM articles ";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo json_encode($rst_find);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function findAll($page) {
    $page = ($page - 1) * 8;
    $sql_list = "SELECT article.id article_id, article.model article_model, article.name article_name, 
        article.category_id article_category_id, 
        article.price_purcharse article_price_purcharse, 
        article.price_sale article_price_sale, 
            article.img article_img,
        category.id category_id, category.name category_name
        FROM articles article 
        INNER JOIN categories category
        ON article.category_id = category.id
        LIMIT " . $page . ", 8";

    $sql_count = "SELECT count(*) FROM articles ";

    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);


        $result = $db->prepare($sql_count);
        $result->execute();
        $rst_count = $result->fetchColumn();

        $db = null;
        echo '{"result":' . json_encode($rst_find) . ', "count" :' . $rst_count . ' }';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function search($search) {
    $sql_list = "SELECT * FROM articles WHERE name LIKE '%" . $search . "%' ";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo '{"result":' . json_encode($rst_find) . ' , "count" :0}';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function search_purcharse($search) {
    $sql_list = "SELECT id, name, price_purcharse price FROM articles WHERE name LIKE '%" . $search . "%' ";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo '{"result":' . json_encode($rst_find) . ' , "count" :0}';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function search_sale($search) {
    $sql_list = "SELECT id, name, price_sale price FROM articles WHERE name LIKE '%" . $search . "%' ";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_list);
        $stmt->execute();
        $rst_find = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo '{"result":' . json_encode($rst_find) . ' , "count" :0}';
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
        return;
    }
}

function read($id) {
    $sql_read = "SELECT * FROM articles WHERE id = :id";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_read);
        $stmt->bindParam("id", $id);
        $stmt->execute();
        $rst = $stmt->fetchObject();
        $db = null;
        echo json_encode($rst);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function add() {
    //$sql_add = "INSERT INTO articles(code, name, category_id, price) VALUES (:code, :name, :category_id, :price)";
    $sql_add = "INSERT INTO articles(name,model,brand_id,category_id,unit_id,stock_minimun) 
        VALUES (:name,:model,:brand_id,:category_id,:unit_id,:stock_minimun)";
    $request = \Slim\Slim::getInstance()->request();
    $param = json_decode($request->getBody());
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_add);
        //$stmt->bindParam("code", $param->code);
        $stmt->bindParam("name", $param->name);
        $stmt->bindParam("model", $param->model);
        $stmt->bindParam("brand_id", $param->brand_id);
        $stmt->bindParam("category_id", $param->category_id);
        $stmt->bindParam("unit_id", $param->unit_id);
        $stmt->bindParam("stock_minimun", $param->stock_minimun);
        //$stmt->bindParam("price", $param->price);

        $stmt->execute();
        $id = $db->lastInsertId();
        $db = null;
        echo json_encode($id);
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function edit($id) {
    //$sql_edit = "UPDATE articles SET code = :code, name = :name,category_id = :category_id, price = :price, img = :img  WHERE id=:id";
    $sql_edit = "UPDATE articles SET 
        name = :name, 
        model = :model,
        brand_id = :brand_id, 
        category_id = :category_id, 
        unit_id = :unit_id,
        stock_minimun = :stock_minimun
        WHERE id=:id";
    $request = \Slim\Slim::getInstance()->request();
    $body = $request->getBody();
    $param = json_decode($body);
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_edit);
        //$stmt->bindParam("code", $param->code);
        $stmt->bindParam("id", $param->id);
        $stmt->bindParam("name", $param->name);
        $stmt->bindParam("model", $param->model);
        $stmt->bindParam("brand_id", $param->brand_id);
        $stmt->bindParam("category_id", $param->category_id);
        $stmt->bindParam("unit_id", $param->unit_id);
        $stmt->bindParam("stock_minimun", $param->stock_minimun);
        //$stmt->bindParam("price", $param->price);
        //$stmt->bindParam("img", $param->img);

        $stmt->bindParam("id", $id);
        $stmt->execute();
        $db = null;
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function add_img($id) {
    $sql_edit = "UPDATE articles SET img=:img WHERE id=:id";
    $request = \Slim\Slim::getInstance()->request();
    $body = $request->getBody();
    $param = json_decode($body);
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_edit);
        $stmt->bindParam("img", $param->img);

        $stmt->bindParam("id", $id);
        $stmt->execute();
        $db = null;
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function delete($id) {
    $sql_delete = "DELETE FROM articles WHERE id=:id";
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_delete);
        $stmt->bindParam("id", $id);
        $stmt->execute();
        $db = null;
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

function editprice() {
    $sql_edit = "UPDATE articles SET price_sale = :price_sale  WHERE id=:id";
    $request = \Slim\Slim::getInstance()->request();
    $body = $request->getBody();
    $param = json_decode($body);
    try {
        $db = getConnection();
        $stmt = $db->prepare($sql_edit);
        $stmt->bindParam("id", $_POST["id"]);
        $stmt->bindParam("price_sale", $_POST["price_sale"]);
        $stmt->execute();
        echo "ok";
        $db = null;
    } catch (PDOException $e) {
        echo '{"error":{"text":' . $e->getMessage() . '}}';
    }
}

?>